Deep Expander Networks: Efficient Deep Networks from Graph Theory
Efficient CNN designs like ResNets and DenseNet were proposed to improve
accuracy vs efficiency trade-offs. They essentially increased the connectivity,
allowing efficient information flow across layers. Inspired by these
techniques, we propose to model connections between filters of a CNN using
graphs which are simultaneously sparse and well connected. Sparsity results in
efficiency while well connectedness can preserve the expressive power of the
CNNs. We use a well-studied class of graphs from theoretical computer science
that satisfies these properties, known as Expander graphs. Expander graphs are
used to model connections between filters in CNNs to design networks called
X-Nets. We present two guarantees on the connectivity of X-Nets: Each node
influences every node in a layer in logarithmic steps, and the number of paths
between two sets of nodes is proportional to the product of their sizes. We
also propose efficient training and inference algorithms, making it possible to
train deeper and wider X-Nets effectively.
Expander-based models give a 4% improvement in accuracy on MobileNet over
grouped convolutions, a popular technique, which has the same sparsity but
worse connectivity. X-Nets give better performance trade-offs than the original
ResNet and DenseNet-BC architectures. We achieve model sizes comparable to
state-of-the-art pruning techniques using our simple architecture design,
without any pruning. We hope that this work motivates other approaches to
utilize results from graph theory to develop efficient network architectures. Comment: ECCV'18
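
To make the expander-style wiring concrete, here is a minimal sketch (not the authors' X-Net code) of a layer whose connectivity is a fixed sparse bipartite graph in which every output unit is wired to a small number of randomly chosen inputs; random sparse bipartite graphs of this kind are expanders with high probability. The class name ExpanderLinear, the degree parameter, and the masked dense weight matrix are illustrative assumptions.

import torch
import torch.nn as nn

class ExpanderLinear(nn.Module):
    # Sketch of an expander-style sparse connection between channel groups.
    # Each output unit is wired to `degree` randomly chosen inputs; the mask is
    # fixed at construction time, so sparsity is a property of the architecture
    # rather than the result of pruning.
    def __init__(self, in_features, out_features, degree):
        super().__init__()
        self.weight = nn.Parameter(torch.randn(out_features, in_features) * 0.01)
        mask = torch.zeros(out_features, in_features)
        for row in range(out_features):
            mask[row, torch.randperm(in_features)[:degree]] = 1.0
        self.register_buffer("mask", mask)

    def forward(self, x):
        # The same sparse wiring is applied at every forward pass.
        return nn.functional.linear(x, self.weight * self.mask)

# Example: 512 -> 512 channel mixing with only 32 connections per output unit.
layer = ExpanderLinear(512, 512, degree=32)
y = layer(torch.randn(8, 512))

The abstract applies the same idea to the filter-to-filter connectivity of convolutional layers; the random wiring above is only one way to realize a sparse, well-connected graph.
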
Balanced Allocations and Double Hashing
Double hashing has recently found more common usage in schemes that use
multiple hash functions. In double hashing, for an item $x$, one generates two
hash values $f(x)$ and $g(x)$, and then uses the combinations $f(x) + i\,g(x) \bmod n$ for $i = 0, 1, 2, \ldots$ to generate multiple hash values from the initial two. We
first perform an empirical study showing that, surprisingly, the performance
difference between double hashing and fully random hashing appears negligible
in the standard balanced allocation paradigm, where each item is placed in the
least loaded of $d$ choices, as well as several related variants. We then
provide theoretical results that explain the behavior of double hashing in this
context. Comment: Further updated, small improvements/typos fixed
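
The empirical comparison described above is easy to reproduce in miniature. The sketch below is an illustrative setup, not the authors' experiments; deriving the two base hashes from SHA-256 and the parameter choices are assumptions. It places n items into n bins using the least-loaded-of-d rule, once with double hashing and once with fully random choices, and reports the maximum load.

import hashlib
import random

def double_hash_choices(item, d, n):
    # Double hashing: derive two base hash values f(x), g(x) and take
    # h_i(x) = (f(x) + i * g(x)) mod n for i = 0, ..., d-1.
    digest = hashlib.sha256(str(item).encode()).digest()
    f = int.from_bytes(digest[:8], "big") % n
    g = int.from_bytes(digest[8:16], "big") % n or 1  # avoid a zero step size
    return [(f + i * g) % n for i in range(d)]

def random_choices(item, d, n):
    # Fully random hashing: d independent uniform bin choices per item.
    return [random.randrange(n) for _ in range(d)]

def max_load(num_items, n, d, choices):
    # Balanced allocation: each item goes to the least loaded of its d choices.
    load = [0] * n
    for item in range(num_items):
        bins = choices(item, d, n)
        load[min(bins, key=lambda b: load[b])] += 1
    return max(load)

n = 100_000
print("double hashing, d=2:", max_load(n, n, 2, double_hash_choices))
print("fully random,   d=2:", max_load(n, n, 2, random_choices))

In typical runs the two maximum loads are essentially indistinguishable, which is the empirical observation the abstract reports.
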
Simulating Auxiliary Inputs, Revisited
For any pair $(X,Z)$ of correlated random variables we can think of $Z$ as a
randomized function of $X$. Provided that $Z$ is short, one can make this
function computationally efficient by allowing it to be only approximately
correct. In folklore this problem is known as \emph{simulating auxiliary
inputs}. This idea of simulating auxiliary information turns out to be a
powerful tool in computer science, finding applications in complexity theory,
cryptography, pseudorandomness and zero-knowledge. In this paper we revisit
this problem, achieving the following results:
(a) We discuss and compare the efficiency of known results, finding the flaw
in the best known bound claimed in the TCC'14 paper "How to Fake Auxiliary
Inputs".
(b) We present a novel boosting algorithm for constructing the simulator; our
technique essentially fixes the flaw. This boosting proof is of independent
interest, as it shows how to handle "negative mass" issues when constructing
probability measures in descent algorithms.
(c) Our bounds are much better than the bounds known so far: to make the
simulator $(s,\epsilon)$-indistinguishable, we need significantly lower
complexity in time/circuit size than previous bounds. In particular, with our
technique we (finally) get meaningful provable security for the EUROCRYPT'09
leakage-resilient stream cipher instantiated with a standard 256-bit block
cipher such as AES-256. Comment: Some typos present in the previous version have been corrected.
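
As a purely illustrative toy (not the paper's boosting construction), the sketch below shows the kind of object under discussion: a "simulator" that, given $x$, outputs a sample approximately distributed like $Z$ conditioned on $X = x$. Here it is built naively from empirical frequencies; the paper's contribution is obtaining such a simulator of small circuit complexity with provable indistinguishability bounds. The noisy-parity example data is an assumption.

import random
from collections import Counter, defaultdict

def build_simulator(samples):
    # Learn the empirical conditional distribution of Z given X and sample from it.
    cond = defaultdict(Counter)
    for x, z in samples:
        cond[x][z] += 1
    def simulate(x):
        zs, weights = zip(*cond[x].items())   # assumes x was seen in the samples
        return random.choices(zs, weights=weights)[0]
    return simulate

# Toy data: Z is a noisy parity of the bits of X.
samples = []
for _ in range(10_000):
    x = tuple(random.randint(0, 1) for _ in range(4))
    z = (sum(x) + (random.random() < 0.1)) % 2
    samples.append((x, z))

simulate_z = build_simulator(samples)
print(simulate_z((1, 0, 1, 1)))
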
Simple extractors via constructions of cryptographic pseudo-random generators
Trevisan has shown that constructions of pseudo-random generators from hard
functions (the Nisan-Wigderson approach) also produce extractors. We show that
constructions of pseudo-random generators from one-way permutations (the
Blum-Micali-Yao approach) can be used for building extractors as well. Using
this new technique we build extractors that do not use designs and
polynomial-based error-correcting codes and that are very simple and efficient.
For example, one extractor produces each output bit separately in
$O(\log^2 n)$ time. These extractors work for weak sources with min entropy $\lambda n$, for
arbitrary constant $\lambda > 0$, have seed length $O(\log^2 n)$, and their
output length is $\approx n^{\lambda/3}$. Comment: 21 pages, an extended abstract will appear in Proc. ICALP 2005; small
corrections, some comments and references added
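
For readers unfamiliar with "the Blum-Micali-Yao approach", the pattern the paper starts from is: iterate a (candidate) one-way permutation and output one hard-core-style bit per step. The toy sketch below only illustrates that pattern; the modulus, base, and predicate are illustrative assumptions, far too small for any real hardness, and turning such a generator into an extractor is exactly the technical content of the paper.

def blum_micali_toy(seed, num_bits, p=1_000_003, g=5):
    # Toy Blum-Micali-style generator: repeatedly apply x -> g^x mod p and
    # output a "most significant half" predicate of the current state.
    # Real instantiations need a large prime p with g a generator of Z_p^*,
    # for which this predicate is hard-core under the discrete-log assumption.
    x = seed % (p - 1) or 1
    bits = []
    for _ in range(num_bits):
        bits.append(1 if x > (p - 1) // 2 else 0)
        x = pow(g, x, p)  # the (candidate) one-way permutation step
    return bits

print(blum_micali_toy(seed=123456, num_bits=16))
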
A New Approximate Min-Max Theorem with Applications in Cryptography
We propose a novel proof technique that can be applied to attack a broad
class of problems in computational complexity, when switching the order of
universal and existential quantifiers is helpful. Our approach combines the
standard min-max theorem and convex approximation techniques, offering
quantitative improvements over the standard way of using min-max theorems as
well as more concise and elegant proofs.
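
For reference, the classical quantifier-exchange fact the abstract builds on can be stated as follows (a standard min-max/Sion form; the paper's contribution is an approximate, quantitatively stronger variant): for convex, compact strategy sets $A$ and $B$ and a payoff $f(a,b)$ that is concave in $a$ and convex in $b$,
\[
  \max_{a \in A} \, \min_{b \in B} \, f(a, b)
  \;=\;
  \min_{b \in B} \, \max_{a \in A} \, f(a, b),
\]
so the order of the two choices (the universal-style and existential-style quantifiers) can be exchanged without changing the value.
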
Modulus Computational Entropy
The so-called {\em leakage-chain rule} is a very important tool used in many
security proofs. It gives an upper bound on the entropy loss of a random
variable $X$ in case the adversary, having already learned some random
variables $A_1,\dots,A_l$ correlated with $X$, obtains some further
information $B$ about $X$. Analogously to the information-theoretic
case, one might expect that also for the \emph{computational} variants of
entropy the loss depends only on the actual leakage, i.e. on $B$.
Surprisingly, Krenn et al.\ have shown recently that for the most commonly used
definitions of computational entropy this holds only if the computational
quality of the entropy deteriorates exponentially in the total length of
$A_1,\dots,A_l$. This means that the current standard definitions
of computational entropy do not allow one to fully capture leakage that occurred
"in the past", which severely limits the applicability of this notion.
As a remedy for this problem we propose a slightly stronger definition of the
computational entropy, which we call the \emph{modulus computational entropy},
and use it as a technical tool that allows us to prove a desired chain rule
that depends only on the actual leakage and not on its history. Moreover, we
show that the modulus computational entropy unifies other, sometimes seemingly
unrelated, notions already studied in the literature in the context of
information leakage and chain rules. Our results indicate that the modulus
entropy is, up to now, the weakest restriction that guarantees that the chain
rule for the computational entropy works. As an example of application we
demonstrate a few interesting cases where our restricted definition is
fulfilled and the chain rule holds. Comment: Accepted at ICITS 2013
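
For comparison, the information-theoretic leakage chain rule that the computational definitions are meant to emulate can be stated as follows (average min-entropy form; $\lambda$ denotes the bit-length of the new leakage $B$):
\[
  \widetilde{H}_\infty\!\left(X \mid A_1,\dots,A_l, B\right)
  \;\ge\;
  \widetilde{H}_\infty\!\left(X \mid A_1,\dots,A_l\right) - \lambda,
\]
i.e. the loss is bounded by the length of $B$ alone, independently of the previously learned $A_1,\dots,A_l$; the modulus computational entropy is designed so that a chain rule of this shape survives in the computational setting.
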
Asymptotic entanglement in a two-dimensional quantum walk
The evolution operator of a discrete-time quantum walk involves a conditional
shift in position space which entangles the coin and position degrees of
freedom of the walker. After several steps, the coin-position entanglement
(CPE) converges to a well defined value which depends on the initial state. In
this work we provide an analytical method which allows for the exact
calculation of the asymptotic reduced density operator and the corresponding
CPE for a discrete-time quantum walk on a two-dimensional lattice. We use the
von Neumann entropy of the reduced density operator as an entanglement measure.
The method is applied to the case of a Hadamard walk for which the dependence
of the resulting CPE on initial conditions is obtained. Initial states leading
to maximum or minimum CPE are identified and the relation between the coin or
position entanglement present in the initial state of the walker and the final
level of CPE is discussed. The CPE obtained from separable initial states
satisfies an additivity property in terms of CPE of the corresponding
one-dimensional cases. Non-local initial conditions are also considered and we
find that the extreme case of an initial uniform position distribution leads to
the largest CPE variation. Comment: Major revision. Improved structure. Theoretical results are now
separated from specific examples. Most figures have been replaced by new
versions. The paper is now significantly reduced in size: 11 pages, 7 figures
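
The computational pipeline described above (evolve the walk, trace out the position register, take the von Neumann entropy of the reduced coin state) can be reproduced numerically. The sketch below does this for the simpler one-dimensional Hadamard walk rather than the two-dimensional lattice treated in the paper; the step count and initial coin state are illustrative assumptions.

import numpy as np

def hadamard_walk_cpe(steps=100, alpha=1 / np.sqrt(2), beta=1j / np.sqrt(2)):
    # Discrete-time Hadamard walk on a line, followed by the coin-position
    # entanglement: trace out the position register and take the von Neumann
    # entropy of the reduced coin density operator.
    npos = 2 * steps + 1                        # positions -steps, ..., steps
    psi = np.zeros((npos, 2), dtype=complex)    # amplitudes psi[position, coin]
    psi[steps, 0], psi[steps, 1] = alpha, beta  # walker localized at the origin
    H = np.array([[1, 1], [1, -1]]) / np.sqrt(2)
    for _ in range(steps):
        psi = psi @ H.T                         # coin toss
        shifted = np.zeros_like(psi)
        shifted[1:, 0] = psi[:-1, 0]            # coin |0>: step right
        shifted[:-1, 1] = psi[1:, 1]            # coin |1>: step left
        psi = shifted                           # conditional shift entangles coin and position
    rho_coin = psi.T @ psi.conj()               # reduced coin density operator (2 x 2)
    evals = np.linalg.eigvalsh(rho_coin)
    evals = evals[evals > 1e-12]
    return float(-np.sum(evals * np.log2(evals)))  # von Neumann entropy in bits

print(hadamard_walk_cpe())  # CPE after 100 steps for the coin state (|0> + i|1>)/sqrt(2)
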
Formalizing Data Deletion in the Context of the Right to be Forgotten
The right of an individual to request the deletion of their personal data by
an entity that might be storing it -- referred to as the right to be forgotten
-- has been explicitly recognized, legislated, and exercised in several
jurisdictions across the world, including the European Union, Argentina, and
California. However, much of the discussion surrounding this right offers only
an intuitive notion of what it means for it to be fulfilled -- of what it means
for such personal data to be deleted.
In this work, we provide a formal definitional framework for the right to be
forgotten using tools and paradigms from cryptography. In particular, we
provide a precise definition of what could be (or should be) expected from an
entity that collects individuals' data when a request is made of it to delete
some of this data. Our framework captures several, though not all, relevant
aspects of typical systems involved in data processing. While it cannot be
viewed as expressing the statements of current laws (especially since these are
rather vague in this respect), our work offers technically precise definitions
that represent possibilities for what the law could reasonably expect, and
alternatives for what future versions of the law could explicitly require.
Finally, with the goal of demonstrating the applicability of our framework
and definitions, we consider various natural and simple scenarios where the
right to be forgotten comes up. For each of these scenarios, we highlight the
pitfalls that arise even in genuine attempts at implementing systems offering
deletion guarantees, and also describe technological solutions that provably
satisfy our definitions. These solutions bring together techniques built by
various communities.
A multicenter case registry study on medication-related osteonecrosis of the jaw in patients with advanced cancer
PURPOSE: This observational case registry study was designed to describe the natural history of cancer patients with medication-related osteonecrosis of the jaw (ONJ) and evaluate the ONJ resolution rate.
METHODS: Adults with a diagnosis of cancer and with a new diagnosis of ONJ were enrolled and evaluated by a dental specialist at baseline and every 3 months for 2 years and then every 6 months for 3 years until death, consent withdrawal, or loss to follow-up. The primary endpoint was the rate and time course of ONJ resolution. Secondary endpoints included frequency of incident ONJ risk factors, ONJ treatment patterns, and treatment patterns of antiresorptive agents for subsequent ONJ.
RESULTS: Overall, 327 patients were enrolled; 207 (63%) were continuing on study at data cutoff. Up to 69% of evaluable patients with ONJ had resolution or improvement during the study. ONJ resolution (AAOMS ONJ staging criteria) was observed in 114 patients (35%); median (interquartile range) time from ONJ onset to resolution was 7.3 (4.5-11.4) months. Most patients (97%) had received antiresorptive medication before ONJ development; 9 patients (3%) had not. Overall, 68% had received zoledronic acid, 38% had received denosumab, and 10% had received pamidronate (56% had received bisphosphonates only, 18% had received denosumab only, and 21% had exposure to both).
CONCLUSIONS: These results are consistent with those observed in clinical trials evaluating skeletal-related events in patients with advanced malignancy involving bone. Longer follow-up will provide further information on ONJ recurrence and resolution rates between medically and surgically managed patients
On the Round Complexity of the Shuffle Model
The shuffle model of differential privacy was proposed as a viable model for
performing distributed differentially private computations. Informally, the
model consists of an untrusted analyzer that receives messages sent by
participating parties via a shuffle functionality, which potentially
disassociates messages from their senders. Prior work focused on one-round
differentially private shuffle model protocols, demonstrating that
functionalities such as addition and histograms can be performed in this model
with accuracy levels similar to that of the curator model of differential
privacy, where the computation is performed by a fully trusted party.
Focusing on the round complexity of the shuffle model, we ask in this work
what can be computed in the shuffle model of differential privacy with two
rounds. Ishai et al. [FOCS 2006] showed how to use one round of the shuffle to
establish secret keys between every two parties. Using this primitive to
simulate a general secure multi-party protocol increases its round complexity
by one. We show how two parties can use one round of the shuffle to send secret
messages without having to first establish a secret key, hence retaining round
complexity. Combining this primitive with the two-round semi-honest protocol of
Applebaum et al. [TCC 2018], we obtain that every randomized functionality can
be computed in the shuffle model with an honest majority, in merely two rounds.
This includes any differentially private computation. We then move to examine
differentially private computations in the shuffle model that (i) do not
require the assumption of an honest majority, or (ii) do not admit one-round
protocols, even with an honest majority. For that, we introduce two
computational tasks: the common-element problem and the nested-common-element
problem, for which we show separations between one-round and two-round
protocols.
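
As background for the model itself (not the paper's two-round protocols), the sketch below simulates the standard one-round shuffle-model protocol for binary addition mentioned in the abstract: each party applies randomized response locally, the shuffler strips sender identities by permuting the messages, and the analyzer debiases the anonymous sum. The epsilon value and data are illustrative assumptions.

import math
import random

def local_randomizer(bit, epsilon):
    # Binary randomized response: report the true bit with probability
    # e^epsilon / (e^epsilon + 1), otherwise report the flipped bit.
    keep = random.random() < math.exp(epsilon) / (math.exp(epsilon) + 1)
    return bit if keep else 1 - bit

def shuffle_model_sum(bits, epsilon):
    # One-round shuffle-model protocol for counting: parties randomize locally,
    # the shuffler strips identities by permuting the messages, and the
    # analyzer debiases the anonymous sum.
    messages = [local_randomizer(b, epsilon) for b in bits]
    random.shuffle(messages)                     # the shuffle functionality
    p = math.exp(epsilon) / (math.exp(epsilon) + 1)
    noisy_sum = sum(messages)                    # analyzer sees only the shuffled multiset
    return (noisy_sum - (1 - p) * len(bits)) / (2 * p - 1)

data = [random.randint(0, 1) for _ in range(10_000)]
print(sum(data), round(shuffle_model_sum(data, epsilon=1.0)))
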